WIRELESS COMMUNICATIONS PRIVACY
METHOD AND SYSTEM



TECHNICAL FIELD OF THE INVENTION 

This invention relates to the broad field of 
wireless communication systems and, more particularly, to 
a wireless communications method and system that provides
easily reprogrammable privacy in wireless communications.

BACKGROUND OF THE INVENTION

Acceptable privacy systems for wireless 
communications systems such as cordless and cellular 
telephones have in common some way of authenticating a 
mobile unit. Once authentication occurs, the mobile unit
may communicate with a base station or another mobile 
unit. After authentication, however, no standard or 
easily adaptable method or system exists to ensure that 
wireless communications are private or secure. The ease 
with which a skilled person can intercept wireless 
communications establishes a need for privacy in these 
communications. Moreover, as cellular telephones become 
increasingly wide-spread, the need for privacy in these 
communications will surpass its current high level. 

To implement known privacy schemes in wireless 
communications requires additional circuitry that 
increases the purchase price of these systems. For
example, U.S. Patent No. 5,153,919 to Reeds et al.
(hereinafter Reeds) describes an authentication and data
encryption/decryption technique that requires both
additional circuitry and additional cellular telephone
systems software reprogramming. This scheme
substantially increases the cellular telephone unit 
purchase price for systems that use it. Competitive 
market forces, however, continue to require that the 
purchase price of cellular or cordless telephones and 
other wireless communication systems remain as low as 
possible.

Any system that protects wireless communications 
must also be flexible to combat creative attempts to 
violate or render ineffective the associated privacy 
scheme. A problem with systems similar to that of Reeds, 
to the contrary, is that the authentication and 
encryption circuitry has a high likelihood of becoming 
outmoded and its utility diminishing once its operation
becomes well-known. Furthermore, the combination of
technology variances, jurisdictional variances, differing 
legal constraints on use of otherwise private 
information, and the various and ever changing legal 
tests and standards that provide privacy in electronic 
communications all require flexibility in any approach to 
making wireless communications private. Existing systems 
cannot respond to these differing circumstances. In 
fact, there does not exist a method and system that 
provides a flexible privacy scheme for wireless 
communications that is both economical to use and 
adaptable to existing and future wireless communications 
scenarios.

SUMMARY OF THE INVENTION

The present invention, accordingly, provides a 
wireless communications privacy method and system that 
overcomes or reduces disadvantages and limitations 
associated with existing methods and systems of making 
wireless communications private or secure. 

One aspect of the invention, therefore, is a 
communications controller that provides private 
communication of communications signals such as voice, 
local area network, or signals over a wireless 
communications network. The controller includes a signal 
processing circuit for processing the communications 
signals to form processed communication signals and for 
enciphering the processed communications signals. 
Processing may include encoding, compression, forward 
error correction and channel equalization of the 
communication signals. For example, a base band chip 
such as the CT2 telephone control circuit having the name 
Am79C410 that Advanced Micro Devices of Sunnyvale, 
California produces (hereinafter generally called the 
"79C410") may perform the encoding and compression base 
band functions. A separate chip may perform the radio 
frequency (RF) function of channel equalization. A 
transceiver associates with the communications controller 
to transmit the enciphered and processed communication 
signals that the communication controller circuit 
produces.

A further aspect of the present invention is a 
system that includes the above communications controller 
at a first sending location such as a mobile unit and a 
chip communications controller at a receiving location 
that receives the enciphered and processed communications 
signals. The receiving communications controller circuit 
deciphers and processes the communications signals for 
completing the wireless transmission. At the second
communications controller, processing includes decoding,
decompressing, forward error correction and channel 
equalization, if necessary. Again, this may entail the 
use of a base band chip for some functions and a radio 
function chip for other RF functions. 

The present invention may be employed in the 
communications controller circuit of a cordless telephone 
such as the Am79C410. Additionally, other wireless
communication circuits could incorporate signal 
processing such as that of the present invention for 
communications signal processing and enciphering to 
provide the desired private communications over a 
wireless network. Such signals may include a wide 
variety of data types including, for example, an 
arbitrary data stream over a wireless local area network, 
or any of a number of wide area network schemes.

A technical advantage of the present invention is 
that it more completely uses computational power that may 
be available at prescribed clock rates for cordless 
telephone and other wireless applications. For example, 
the 79C410, while in use, has computational power at its 
operating clock rate that permits implementing 
enciphering and deciphering algorithms to make voice 
communications private. The computations that take place 
providing this privacy do not, therefore, affect the 
proper operation of the 79C410 or other similar 
controller circuits.

Another technical advantage of the present invention 
is that it utilizes the signal processing circuit of a 
single chip wireless communications controller not only 
for processing functions such as communications signal 
compression, encoding, and radio channel equalization, 
but also for enciphering and deciphering the processed 
signals. In the manufacture of a communications 
controller circuit according to the present invention,
only a minimal amount of additional circuitry and
instructions are necessary to accommodate a wide variety 
of enciphering algorithms. This provides privacy in 
wireless communications controller circuits at minimal 
additional manufacturing costs while providing a 
desirable degree of system flexibility. 

Yet another technical advantage of the present 
invention is that it permits the manufacture of a 
"cryptographically neutral" device that may be enabled at 
an end point market. The controller circuit that the 
present invention employs allows embedding the 
enciphering and deciphering algorithms, as appropriate, 
for the particular legal or political jurisdiction in 
which a user seeks to use the communications device. 
This permits the purchaser or retailer to use the local 
definition of an acceptable or politically correct 
enciphering algorithm in the system with only a minimal 
amount of reprogramming.

Still a further technical advantage of the present 
invention is that it flexibly uses a wide array of 
enciphering and deciphering algorithms within the signal 
processing circuit both for authentication between two 
communicating units and for developing a session key that 
maintains private communications between the two 
locations.

An even further important technical advantage of the 
present invention is that it not only provides 
enciphering and deciphering for security purposes, but 
also provides at low cost flexible features such as 
compression and decompression of communication signals 
and forward error correction of these signals.

BRIEF DESCRIPTION OF THE DRAWINGS

The above and other technical advantages of the 
present invention will become more readily understood 
when the invention is described in further detail below, 
reference being made to the accompanying drawings in
which like reference numerals represent like parts
throughout and in which:

FIGURE 1 illustrates a system architecture for
implementing the present embodiment;

FIGURE 2 provides a block diagram of a
communications controller circuit usable in one
embodiment of the present invention;

FIGURE 3 provides a block diagram of the ADPCM codec
and DTMF generator within the communications controller
of the present FIGURE 2 embodiment;

FIGURE 4 provides a set of exemplary timing diagrams
for the frame synchronizing signal, DSP operation, and
communications signal encryption according to the present
embodiment;

FIGURE 5 provides a flow chart of an exemplary
authentication process according to the present
embodiment; and

FIGURE 6 is a flow chart of a session key generation
process according to the concepts of the preferred
embodiment.

DETAILED DESCRIPTION OF THE ILLUSTRATIVE EMBODIMENT

With reference to FIGURE 1, one embodiment of the 
present invention uses a communications controller 
circuit such as the Am79C410 that Advanced Micro Devices 
of Sunnyvale, California produces and that has the 
trademark name "CT2 PhoX™" controller for digital 
cordless telephones (hereinafter CT2 controller). With
this device, FIGURE 1 shows a wireless communication
system 10 that includes base station 12 and hand set 14.
Base station 12 has as its communications controller
circuit CT2 controller 16 that communicates through CT2
RF transceiver 18. Ringer 20 connects to CT2 controller
16 to notify the user of an incoming call. Audio
input/output (I/O) connection 22 provides the user
controller communications path. Auxiliary audio
connection 24 allows for auxiliary audio communications
to devices such as a facsimile or modem device.
Communications line interface circuit 26 interfaces CT2
controller 16 with a hard-wire communications line, if
desired. Keypad interface 28 permits control of base
station 12 via keypad entry. ROM 30 and EEPROM 32
provide needed memory functions for CT2 controller 16.
Through these components, base station 12 communicates
with hand set 14. Hand set 14 also includes CT2
controller 34 that communicates through CT2 RF
transceiver 36. Connections to controller 34 are similar
to those of CT2 controller 16 and include microphone 38,
earpiece 40, ringer 42, keypad 44, and memory devices
such as EPROM 46 and ROM 48.

CT2 controllers 16 and 34 perform protocol 
functions, data formatting, audio processing and 
peripheral communications for a common air interface CT2 
digital cordless telephone. It is within this digital 
cordless telephone environment of wireless communication 
system 10 that one embodiment of the present invention
operates to take advantage of the high integration and
low power consumption that CT2 controllers 16 and 34
provide. Within a controller such as CT2 controllers 16
or 34, the present embodiment provides data enciphering
and deciphering sufficient to make private the wireless
communications between base station 12 and hand set 14.

An attractive feature of the present system is the 
high degree of privacy that results from minimal hardware 
and software changes to CT2 controllers 16 and 34. The
exact amount of strength in the privacy function that the
present embodiment obtains, however, is a function of a
number of engineering variables. Adding more logic or
program control and increasing data storage capacity over
that of a standard 79C410 CT2 controller provides even
stronger privacy. The present embodiment, however,
provides an architecture that imposes privacy on the air
link between hand set 14 and base station 12 and within
an architecture achievable through software-only changes
in communications controller 16 and 34. For the present
embodiment, therefore, private communications functions
are reprogrammable and may include authenticating in a
challenge-response-authentication sequence and developing
a session key during wireless communications.

To illustrate how the present embodiment achieves
its desired results, reference is now made to the FIGURE
2 schematic block diagram of the circuitry within CT2
controller 16. In FIGURE 2, CT2 controller 16 includes
CT2 functions circuit 50 that communicates with audio
functions portion 52. Audio functions portion 52
includes ADPCM (i.e., the Adaptive Differential Pulse
Code Modulation technique of the CCITT G.721
international standard) codec and DTMF generator 54 that
includes a digital signal processor (DSP) for performing,
among other functions, enciphering and deciphering in
carrying out various functional aspects of the present
embodiment. Formatted CT2 functions flow from audio
functions portion 52 to multifunction pin multiplexing
circuit 56 and system control functions circuit 58.
Clock generator 60 provides necessary clock signals for
power management of multifunction pin multiplexing
circuit 56. The operation of circuitry that satisfies the
structural and functional requirements of CT2 controller
16 in the present embodiment appears in the design
specification for the 79C410 CT2 PhoX™ control circuit.
This specification is expressly incorporated herein by
reference.

The ADPCM codec and DTMF generator 54 can implement 
a variety of privacy functions on a programmably 
selective basis. The privacy functions may be, for
example, existing enciphering algorithms such as the
United Kingdom enciphering algorithm "F," that
algorithm having the name "BONUS," or the "Data
Enciphering Standard" or DES enciphering algorithm, as
well as a wide array of other such algorithms that may 
not even exist today but that have common features with 
existing enciphering algorithms. The operation of the 
enciphering functions within ADPCM codec and DTMF 
generator 54 for purposes of the present embodiment 
appears more fully below in association with FIGURE 3 and 
4.

The present embodiment modifies the CT2 PhoX™ control
circuit to provide a way to load, store, and execute 
additional digital signal processing programs in audio 
functions circuit 52 that implements G.721 transcoding, 
DTMF tone generation, and other audio signal processing 
functions. A standard 79C410 DSP executes its 
instructions entirely from a read-only instruction memory 
or IROM. The present embodiment adapts the 79C410 
circuit to form CT2 controller 16 by substituting a
read-write instruction random access memory or IRAM of a size
suitable to allow it to perform any of the class of
anticipated privacy functions. 

U.S. Patent Application Serial No. 07/983,477 by B.
Stewart and R. Feemster and assigned to Advanced Micro
Devices, Inc. of Sunnyvale, California (hereinafter
Stewart) describes an execution vector sequence that
applies to the 79C410 and describes certain aspects of
the 79C410 architecture. For the purpose of more clearly
illustrating the application of the present embodiment as
well as other relevant purposes, Stewart is incorporated
herein by reference. Accordingly, modifications that the
present embodiment makes to the 79C410 include connecting
XOR gate 66 to serial port 64 of system control functions
portion 58. XOR gate 66 exclusive-ORs the output of
serial port 64 with the FIFO shift output on line 68 that
comes from FIFO shift circuitry 70. Audio functions
portion 52 controls the operation of FIFO shift circuitry
70 via line 72 to control the output of XOR gate 66. As
a result of the operation of XOR gate 66, output line 74
sends encrypted communication signals from CT2 controller
16.

When encrypted communication signals appear on input
line 76, they go to XOR gate 78 as does the key string or
pseudo random number generator signal from FIFO shift
circuitry 70 along line 68. Output from XOR gate 78 goes
along line 80 to serial port 64. These are impressed
upon the communication signals that CT2 controller 16
decrypts.

To describe in yet more detail the structure and
function of the present embodiment, FIGURE 3 provides a
block diagram of the circuitry of ADPCM codec and DTMF
generator 54 (hereinafter generator 54) of CT2 controller
16. Generator 54 receives analog input via input 90 to
analog I/O circuit 92. Analog I/O circuit 92 also
outputs audibly via speaker 94. Communications signals
flow between DSP 96 and analog I/O circuit 92. DSP 96
has various connections with instruction read-only memory
(IROM) 98, coefficient (CRAM) 100, and coefficient CROM
102. Frame lines 104 connect between DSP 96 and FMT 106.
Line 108 also connects between frame lines 104 and shift
register 110. Shift register 110 output 112 goes to XOR
gate 114 as does output 116 from serial I/O circuit 118.
Serial I/O circuit 118 provides output 116 in response to
input from line 120 that connects to FMT 106. XOR gate
122 also provides to serial I/O circuit 118 input 124
which is the exclusive-OR'd output of the signal from
line 126 and serial data input 128. Microprocessor 130
receives DSP 96 output via line 132 and clock signal from
clock circuit 134 via line 136. Output for
microprocessor 130 through line 138 drives FMT 106.
Clock circuit 134 provides multiple clocking signals such
as those through lines 140 and 142.

For purposes of the present embodiment, the digital
signal processor (DSP) implementing the CCITT G.721
transcoder is modified from the specified 79C410
configuration by adding circuitry and instructions for
the purpose of reading the frame counter of step 200.
Additionally, a compliance code that the DSP contains is
removed and a single enciphering algorithm is programmed
in its place in DSP IROM 98 of FIGURE 3.

In the standard 79C410 manufacture, DSP 96 can only
execute a single program stored in this IROM at time of
manufacture. The present embodiment adds to IROM 98 a
random access (read-write) memory, or IRAM 101. As a
result, not only does the CT2 controller 16, and hence
hand set 12, as a whole have a useful function
independent of enciphering and deciphering the
telecommunications data streams (it would still be a
voice coder with G.721 compression stored in ROM), but
also there are uses of the modifications that do not
relate only to enciphering or deciphering. IRAM 101 may
receive code for the purpose of demonstrating compliance
with G.721 voice compression standards. IRAM 101 may
also serve in the functions of enciphering and
deciphering processed communication signals, forward
error correction, and channel equalization if desired.
The loading of IRAM 101 requires specially-designed
software to accomplish the conversion of the device to a
privacy function via the loading of IRAM 101. This
approach is satisfactory for some privacy requirements.

Yet another embodiment of the present invention
removes the compliance code from the DSP and replaces the
IROM space of the compliance code with the IRAM 101 as in
the magneto-optic disk motion controller that is
described in detail in U.S. Patent Application Serial
08/100,152 assigned to Advanced Micro Devices, Inc., of
Sunnyvale, California (hereinafter the "MOMC
controller"). The MOMC controller includes a DSP device
that has an instruction random access (read-write) memory
IRAM attached to a DSP that is similar in some respects
to DSP 96 of FIGURE 3. Using the MOMC controller at
manufacturing, a manufacturer may load the compliance
code for testing, as appropriate. In the field, a user
may load this same IRAM space with whatever algorithm
happened to be required or whatever may be politically
correct at the moment to effect an appropriate
enciphering scheme to achieve private wireless
communications according to the present invention.

FIGURE 4 shows timing diagrams for frame
synchronizing or synch signal 150, DSP 96 processing
signal 152 and enciphering/deciphering processing signal
154. The present embodiment causes DSP 96 to process
voice signals according to the information in each frame
of data from analog I/O circuit 92. Thus, at each frame
synch signal pulse such as those at reference numerals
156 and 158 of frame synchronizing signal timing diagram
150, DSP 96 processes one frame worth of analog input or 
output. Note that, according to timing diagrams 150 and 
152, there is a time between frame synch signals 156 and 
158 when DSP 96 is busy, as line level 160 indicates and 
a time when DSP 96 is idle, as level 162 indicates. The 
present embodiment uses this idle DSP 96 processing time 
to encipher or decipher the telecommunication signals. 
That is, the present embodiment uses DSP 96 to encipher 
and decipher the data stream of the telecommunications 
signal during the time that DSP 96 is not otherwise 
processing the communications signal. 

As enciphering/deciphering timing diagram 154 
illustrates, once DSP 96 discontinues processing the 
frame of communication signals and the processing 
activity ceases, DSP 96 processing timing diagram shifts 
from the busy level 160 to the idle level 162 and 
enciphering or deciphering of the frame of data, as 
appropriate, begins. Enciphering/deciphering timing
diagram 154 indicates this change by shifting from idle
level 164 to busy level 166. This continues until
enciphering or deciphering is complete, as the shift from
busy level 166 to idle level 164 shows. Note, however,
that the shift from enciphering/deciphering busy level
166 to idle level 164 occurs before the next frame synch
signal 158.

The enciphering and deciphering functions of the 
present embodiment may include both authentication and 
session key generation within CT2 controller 16 to make 
communications between hand set 14 and base station 12 
private. The various steps that the inventive concepts 
encompass may be implemented in either software or 
hardware, or both hardware and software. FIGURE 5 
illustrates conceptually one way to perform the 
authentication process 170 of the present invention.
Line 172 represents the air interface between base
station 12 and hand set 14. At base station 12, signal
processing circuitry generates phone identifier 174 and
random number 176, both of which CT2 controller 16
directs to privacy function 178. The combination of
random number 176 and phone identifier 174 proceeds
through privacy function 178 that performs the
enciphering to generate an expected response at step 180.
Simultaneously, hand set 14 generates phone identifier
182 which has the same value or meaning as phone
identifier 174 within base station 12. In hand set 14,
privacy function 184 (which is the same privacy function
that base station 12 employs) receives from base station
12 data that includes random number 176 and phone
identifier 182. Any one of a number of high-quality
random number generators, based on key stroke timing or
some other random variable, may be used to generate
random number 176. The output of privacy function 184
goes to matching function 186 as does the expected
response from step 180. In CT2 controller 16, all
calculations to implement authentication process 170 need
not be performed in real time and, therefore, may be
scheduled according to the available enciphering and
deciphering windows the timing diagrams of FIGURE 4
indicate.

A strength of authentication process 170 is that
phone identifiers 174 and 180 never appear over air
interface 172. A sophisticated attacker of this system,
however, may be able to mount a "known-plaintext attack"
to determine the enciphering key if he had been
monitoring the air interface and could reliably determine
which of the several possible algorithms specified as
privacy functions 178 and 182 were in use. With
increased clock rates or different system operating
characteristics, however, this task becomes difficult.
Additionally, the present invention may use other
enciphering algorithms that are more strongly resistant
to this type of attack than are the F, BONUS, or DES
enciphering algorithms of privacy functions 180 and 184.

As yet a further example of an encryption scheme 
that the present embodiment may employ, reference is made 
to U.S. Patent No. 4,405,829 filed on December 14, 1977 
by Rivest et al. entitled "Cryptographic Communications
System and Method" and assigned to the Massachusetts
Institute of Technology, Cambridge, Massachusetts
(hereinafter Rivest). Rivest describes a paired key
encryption system where a decoding device and an encoding
device are coupled to a communication channel. The
encoding device is responsive to an applied
message-to-be-transmitted M and an encoding key to provide a cipher text
word C for transmission to a particular decoding device.
The encoding key E is a pair of positive integers e and n
which are related to the decoding device. The present
embodiment may employ the techniques of Rivest. For this
purpose, as well as other purposes consistent with the
scope of the present invention, Rivest is herein
incorporated by reference.

FIGURE 6 shows private data stream generation 
process 190 of one embodiment of the present invention. 
Beginning at step 192, process 190 begins by generating a 
phone identifier and, at step 194, an expected response. 
These two inputs go to privacy function 196 which may be 
an F, BONUS or DES algorithm or some other enciphering 
algorithm. From privacy function 196, a session key 198 
results. The session key 198 combines with the output 
from counter function 200 that counts the elapsed CT2 
frames in the secure or private mode. These two inputs 
then go to step 202 where any one of numerous different
privacy functions may be employed to generate a "random"
bit stream as step 204 indicates. The result from the
random bit stream of step 204 is a programmable mask to
select the encipherment of D and/or B channel data at
step 206. The programmable mask generates a masked 
random bit stream at step 208. The masked random bit 
stream of step 208 then flows through logical XOR circuit 
210 with a clear data stream as line 212 indicates. The 
result is a private data stream that is communicated from 
either base station 12 through controller circuit 16 or 
hand set 14 through controller circuit 32. That is, 
session key generation process 190 may be performed at 
both base station 12 and hand set 14 to achieve two-way 
private wireless communications. 

As FIGURE 6 describes, therefore, after 
authentication the system of the present embodiment 
provides various privacy functions 196 to recombine the 
session key of step 198 and the expected response data at
step 194 to result in the random bit stream of step 204. 
The enciphering algorithm of privacy function 196 may be 
reapplied a number of times to yield a session key of the 
appropriate length. Once the session key is derived, 
privacy function 202 further enciphers the session key of 
step 198 with the counter data of step 200. Note that 
the present embodiment simultaneously derives the session 
key on both sides of the air interface 102, but the 
session key never itself appears on the air interface. 
The first application of the enciphering function at step 
196 produces a session key as indicated by step 198. 
This step need not be performed in real time and, 
therefore, may be done in a general purpose 
microprocessor such as microprocessor 130 of FIGURE 3.
The second enciphering function occurs in real time 
during the enciphering function busy level 166 of 
enciphering/deciphering timing diagram 154 of FIGURE 4. 
This process may be performed by adding to the CT2 
controller 16, for example, both the logic to provide the
low-level bit modification and circuitry and instructions
for implementing the enciphering function of step 202
in real time.

The data flow of FIGURE 6 further shows combining
clear data at clear data stream 212 with a pseudo-random
bit stream 208 that masking step 206 generates.
Pseudo-random bit stream 208 may be duplicated on the other side
of air interface 172. XOR circuitry 210 assures that
single-bit errors that occur on air interface 172 will
not propagate beyond the frame location at which they
occur and then go across air interface 172. Single-bit
errors, therefore, will not affect the circuitry within
communications controller 16 that already exists to deal
with errors. Note, however, that the present inventive
concepts are not confined to correcting for single-bit
errors. The arbitrary privacy scheme of the present
invention may use block encryption algorithms that
communicate blocks, instead of streams, of data from one
point to another. The DSP could then perform the desired
forward error correction on the other side on the blocks
of data.
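
The FIGURE 5 authentication and the FIGURE 6 private data stream described above, carried through end to end as an added example (not code from the application or from the 79C410). HMAC-SHA-256 stands in for the unspecified privacy functions, and the 8-byte frame with 2 D-channel and 6 B-channel bytes, the identifiers, and the "session" label are constructed assumptions.

```python
import hashlib
import hmac
import secrets

D_BYTES, B_BYTES = 2, 6                            # constructed layout, not the CT2 frame
MASK_B_ONLY = bytes(D_BYTES) + b"\xff" * B_BYTES   # step 206: encipher B channel only
MASK_D_AND_B = b"\xff" * (D_BYTES + B_BYTES)       # step 206: encipher both channels


def privacy_function(key: bytes, data: bytes) -> bytes:
    """Stand-in for privacy functions 178/184/196/202 (assumption: HMAC-SHA-256)."""
    return hmac.new(key, data, hashlib.sha256).digest()


class Unit:
    """One side of air interface 172; both sides hold the same phone identifier."""

    def __init__(self, phone_id: bytes):
        self._phone_id = phone_id      # stays inside the unit, never transmitted
        self.session_key = None        # set only after a successful authentication

    def respond(self, random_number: bytes) -> bytes:
        """FIGURE 5: random number + phone identifier -> (expected) response."""
        return privacy_function(self._phone_id, random_number)

    def start_session(self, response: bytes) -> None:
        """FIGURE 6, steps 192-198: derive the session key locally on each side."""
        # The b"session" label is an assumption that separates this use of the
        # privacy function from the authentication use above.
        self.session_key = privacy_function(self._phone_id, b"session" + response)

    def keystream(self, frame_counter: int, mask: bytes) -> bytes:
        """Steps 200-208: session key + frame counter -> masked bit stream."""
        if self.session_key is None:
            raise RuntimeError("no session key: authenticate first")
        raw = privacy_function(self.session_key, frame_counter.to_bytes(4, "big"))
        return bytes(k & m for k, m in zip(raw, mask))

    def xor_frame(self, frame_counter: int, mask: bytes, data: bytes) -> bytes:
        """Step 210: the same XOR enciphers clear data and deciphers private data."""
        if len(data) != len(mask):
            raise ValueError("frame and mask must have the same length")
        stream = self.keystream(frame_counter, mask)
        return bytes(d ^ k for d, k in zip(data, stream))


def authenticate(base: Unit, hand_set: Unit) -> bool:
    """Challenge-response: only the random number and the response cross the air."""
    random_number = secrets.token_bytes(16)            # random number 176
    expected = base.respond(random_number)             # expected response, step 180
    response = hand_set.respond(random_number)         # privacy function 184
    if not hmac.compare_digest(expected, response):    # matching function 186
        return False
    base.start_session(expected)
    hand_set.start_session(response)
    return True


def flipped_bits(a: bytes, b: bytes) -> int:
    """Count the bit positions in which two equal-length frames differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


if __name__ == "__main__":
    base = Unit(b"constructed-id-0001")
    hand_set = Unit(b"constructed-id-0001")
    print("authenticated:", authenticate(base, hand_set))

    clear = b"\x01\x02voice!"                          # 2 D bytes + 6 B bytes
    private = base.xor_frame(7, MASK_B_ONLY, clear)
    print("on air      :", private.hex())
    print("deciphered  :", hand_set.xor_frame(7, MASK_B_ONLY, private))

    # One bit damaged on the air link stays one bit after deciphering.
    damaged = private[:4] + bytes([private[4] ^ 0x10]) + private[5:]
    recovered = hand_set.xor_frame(7, MASK_B_ONLY, damaged)
    print("bits in error after deciphering:", flipped_bits(recovered, clear))
```

Both sides recover the clear data only while their frame counters agree, and a counter value reused under one session key repeats the same masked bit stream.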

The preferred embodiment of the present invention
may be retrofitted economically and practically into an
already manufactured CT2 controller. Required changes
include, for example, adding a logic circuit that has
FIFO shift circuit 70, XOR gate 66, XOR gate 76 and the
above-mentioned memory circuits associated with audio
functions portion 52, all of FIGURE 2. Additionally, the
instructions to perform programmable mask step 206 and
the XOR logic function to encipher or decipher the data
stream may be added to generator 54 of FIGURE 3. Frame
counter 106 of FIGURE 3 may be implemented in CT2
functions circuit 50, preferably within generator 54.

OPERATION

Although operation of the present embodiment is
clear from the above description, the following
description of the operation appears for completeness.
CT2 controllers 16 and 34 can perform most privacy and
authentication schemes of public-access cordless
telephone in use at the present time throughout the
world. Further, the programmability of the device now
renders it generally useful for rather arbitrary privacy
schemes and in other public access schemes. The
following scheme, which is roughly descriptive of several
standard schemes, provides an example of operation with
the present embodiment.

The present embodiment, therefore, provides wireless
communication privacy for cordless and cellular telephony
and local area network (LAN), a wide area network (WAN),
and wireless data exchange. The method and system of the
present embodiment authenticates a mobile unit such as
hand set 14 and enciphers data in a control stream from
the mobile unit to another mobile unit or to base station
12. By adding the XOR-based enciphering logic and the
appropriate enciphering and deciphering algorithms in CT2
controller, the capability to support various privacy
schemes results.

Similarly, a system of paired processors such as CT2
controllers 16 and 34, but implementing different data
protocols and perhaps different functions than the G.721
speech compression, for example, lossless arbitrary-data
compression, may be implemented with the present
embodiment. Such a system may be described for voice
wireless link systems, where the data to be carried is
not voice data but other arbitrary data streams. An
example of compression algorithms may be those which use a
dictionary to store compression and decompression
information, such as the first and second methods of
Lempel and Ziv, called LZ1 and LZ2, respectively. These
methods are disclosed in U.S. Patent No. 4,464,650 to
Eastman et al., and various improvements in the
algorithms are disclosed in U.S. Patent Nos. 4,558,302 to
Welch, 4,814,746 to Miller et al., and 5,243,341 to
Seroussi et al. The present embodiment may use some or
all of these techniques. As necessary to understand
their use and application to the present invention,
therefore, the above U.S. Patents are herein incorporated
by reference.

The present embodiment provides a pair-key
authentication scheme that occurs during call set-up and
exchanges the session key for a keystream generation
algorithm. The keystream generation algorithm processes
the data being exchanged during the call. By operating
in this mode, paired-key algorithms of rather arbitrary
complexity can be executed by microprocessor 130 within
generator 54, since the call set-up, authentication,
billing information and session key exchange functions do
not have to occur to generate a real-time keystream for
impressing upon the voice data. A separate keystream
generation algorithm, loaded into the IRAM, performs
keystream generation in the idle time of the DSP after it
processes each frame of G.721 speech compression.
Keystream algorithms of greater complexity can be
accommodated by choosing a suitable size of IRAM to hold
the desired algorithm's instruction codes and by
increasing the system clock speed to allow the keystream
generation to complete in the idle time after the
processing of each G.721 speech data frame. This is
described in the example of FIGURE 4, above.

A further example of operation may be seen in a call-
initiating unit and a responding unit, each based on the
modified 79C410 as described above. The following
sequence of events may occur to establish an authentic,
private communications channel. At the initiation of the
call, the initiating CT2 controller executes a
microprocessor-based program to cause the generation of a
call-setup message using the private portion of the
paired key associated with the unit to be exchanged.
After authentication by the responding CT2 controller
unit, using the public portion of the paired key
associated with the unit, a non-realtime private link for
exchange of billing information and session key, or even
optionally, the particular keystream generation
algorithm, is established. The appropriate keystream
algorithm is loaded into both the initiating and
responding CT2 controller, and synchronous identical
keystreams are generated for insertion and extraction of
the data stream over a private air link. The result is
the enciphering and deciphering of data between base
station 12 and hand set 14 that makes communication
between these points private.
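
The synchronous-keystream step described above can be illustrated with a short added example (not code from the patent): both ends hold the same session key and a per-frame counter, and XOR each frame with the keystream for that counter. The HMAC-SHA256 generator, the 16-byte frame size, the key and the names `keystream`, `xor_frame` and `LinkEnd` are assumptions chosen for illustration; the page does not specify a keystream algorithm.

```python
import hashlib
import hmac

def keystream(session_key: bytes, frame_counter: int, n: int) -> bytes:
    """Stand-in generator (assumption): HMAC-SHA256 over counter || block."""
    out, block = b"", 0
    while len(out) < n:
        msg = frame_counter.to_bytes(8, "big") + block.to_bytes(4, "big")
        out += hmac.new(session_key, msg, hashlib.sha256).digest()
        block += 1
    return out[:n]

def xor_frame(session_key: bytes, frame_counter: int, frame: bytes) -> bytes:
    """Encipher or decipher one frame; XOR makes both the same operation."""
    ks = keystream(session_key, frame_counter, len(frame))
    return bytes(a ^ b for a, b in zip(frame, ks))

class LinkEnd:
    """One end of the air link: shared session key plus a local frame counter."""
    def __init__(self, session_key: bytes, counter: int = 0):
        self.key, self.counter = session_key, counter

    def process(self, frame: bytes) -> bytes:
        out = xor_frame(self.key, self.counter, frame)
        self.counter += 1  # advance once per frame on both ends
        return out

def demo():
    key = bytes(range(32))                                   # constructed session key
    frames = [b"frame-%02d-payload" % i for i in range(3)]   # constructed frames
    tx, rx = LinkEnd(key), LinkEnd(key)
    cipher = [tx.process(f) for f in frames]
    in_sync = [rx.process(c) for c in cipher] == frames
    # A receiver whose counter is one frame ahead recovers garbage.
    desync_fails = LinkEnd(key, counter=1).process(cipher[0]) != frames[0]
    # Reusing a counter value reuses keystream: c_a XOR c_b == p_a XOR p_b.
    c_a, c_b = xor_frame(key, 7, frames[0]), xor_frame(key, 7, frames[1])
    leak = bytes(a ^ b for a, b in zip(c_a, c_b))
    reuse_leaks = leak == bytes(a ^ b for a, b in zip(frames[0], frames[1]))
    return in_sync, desync_fails, reuse_leaks

if __name__ == "__main__":
    print(demo())
```

A frame counter that restarts under the same session key repeats keystream, which is why a fresh session key per call, as exchanged during call set-up above, matters for any XOR-based scheme of this kind.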

In summary, therefore, the present embodiment
provides a method and system for privately communicating
over a wireless communication network that includes a
communications controller that provides private
communication of communications signals such as voice
signals over a wireless communications network. The
controller includes a signal processing circuit for
processing the communications signals to form processed
communication signals and for enciphering the processed
communications signals. Processing may include encoding,
compression, channel equalization, and forward error
correction modulation of the communication signals. A
transceiver associates with the communications controller
to transmit the enciphered and processed communication
signals that the communication controller circuit
produces.

A further aspect of the present embodiment is a
system that includes the above communications controller
at a first sending location such as a mobile unit and a
chip communications controller at a receiving location
that receives the enciphered and processed communications
signals. The receiving communications controller circuit
deciphers and processes the communications signals for
completing the wireless transmission. At the second
communications controller, processing includes decoding,
decompressing, and channel equalization, if necessary.

Although the invention has been described in detail
in the foregoing for the purpose of illustration, it is
to be understood that such detail is solely for that
purpose. For example, not only can a data stream of
voice data from a voice-compression DSP have application
in the present invention, but also an arbitrary data
stream can be protected according to the inventive
concepts presented herein.

Another alternative embodiment of the present
invention may be to provide the above described point-to-
point secure communications on insecure LANs. The
present invention makes possible digital signature
authentication and message encryption using either a
single DSP or a single microprocessor, or using both a
DSP and a microprocessor or even a separate security
processing unit or a dedicated or small DSP to contain in
hardware or software various encryption algorithms and
the ability to execute instructions for performing such
algorithms. To protect these algorithms and related
encryption data, various physical schemes may be used, for
example, schemes that erase the encryption algorithms and
data on any sign of tampering or reverse-engineering
attempts. These schemes are well-known in the prior art.
Various other protection schemes that prevent chip-
probing equipment from accessing information from the
processor directly may also be used. Therefore,
variations may be made therein by those skilled in the
art without departing from the spirit and scope of the
invention except as may be limited by the claims.